Buff is a retired vulnerable Windows machine available from HackTheBox. The machine maker is egotisticalSW, thank you. It has an Easy difficulty with a rating of 3.6 out of 10. Kali Linux is used to carry out the enumeration, exploitation and privilege escalation. The goal is to obtain root shell together with both user & […]
There are files (e.g. PHP files, config files) I need to maintain at my SiteGround shared hosting. Using FTP, File Manager or SSH into the server and make changes are not idea. I would like to use Visual Studio Code to make changes remotely. How can I do that? Typically, Visual Studio Code Development on […]
I have a AMD Ryzen 7 3700X build with Asus TUF Gaming X570-Plus motherboard. To improve security of the system, I decided to perform full disk encryption on Windows 10. There are 2 methods Windows 10 offers: Device Encryption and BitLocker Encryption. Device Encryption Device encryption may or may not be available on your system […]
This is an updated installation guide in according to the installation guide for pfSense 2.4.4 I posted couple years ago. You can reference it on how to create USB installer. Note: The installation process for pfSense 2.5.2 vs pfSense 2.4.4 is mostly the same with minor differences. Minimum Hardware Requirements 64-bit amd64 (x86-64) compatible CPU […]
Tabby is a retired vulnerable Linux machine available from HackTheBox. The machine makers are egre55, thank you. It has an Easy difficulty with a rating of 4.8 out of 10. This is a nice box. I enjoy it and learn something new. Kali Linux is used to carry out the enumeration, exploitation and privilege escalation. […]
Blunder is a retired vulnerable Linux machine available from HackTheBox. The machine maker is egotisticalSW, thank you. It has an Easy difficulty with a rating of 4.1 out of 10. Kali Linux is used to carry out the enumeration, exploitation and privilege escalation. No automated tools are needed. The goal is to obtain root shell […]
Cache is a retired vulnerable Linux machine available from HackTheBox. The machine maker is ASHacker, thank you. It has an Medium difficulty with a rating of 5 out of 10. Kali Linux is used to carry out the enumeration, exploitation and privilege escalation. The goal is to obtain root shell together with both user & […]
Admirer is a retired vulnerable Linux machine available from HackTheBox. The machine makers are polarbearer & GibParadox, thank you. It has an Easy difficulty with a rating of 5.3 out of 10. This is a great box. I really enjoy it. Kali Linux is used to carry out the enumeration, exploitation and privilege escalation. The […]
Curling is a retired vulnerable Linux machine available from HackTheBox. The machine maker is L4mpje, thank you. It has an Easy difficulty with a rating of 4.4 out of 10. Kali Linux is used to carry out the enumeration, exploitation and privilege escalation. The goal is to obtain root shell together with both user & […]
I was looking for a way to pass through GPU acceleration to virtual machines for some processing tasks. However, most methods (such as DDA or VMware ESXi) requires specific server hardware, server hypervisor OS, support CPU & motherboard firmware. Sadly, I don’t have matching specification to use those methods. Then I come across RemoteFX. While […]
Remote is a retired vulnerable Windows machine available from HackTheBox. The machine maker is mrb3n, thank you. It has an Easy difficulty with a rating of 4.7 out of 10. Kali Linux is used to carry out the enumeration, exploitation and privilege escalation. No automated tools are needed. The goal is to obtain root shell […]
My build: Ryzen 7 3700X Build with Asus TUF Gaming X570-Plus While the RGB lights in my PC build add beautiful lighting effects to the computer, there are time and situation when you don’t want those flashy RGB lights. In my case, my PC build is used as a work machine, not a gaming machine. […]
My last PC build was an Intel i7-4770K with Asus Z87-Plus. It serves me well for many years. But has recently been giving me different issues. It’s about time to build another one before it runs out on me. The AMD 3rd GEN seems very promising so this time I would like to try out […]
Jarvis is a retired vulnerable machine available from HackTheBox. The machine maker is manulqwerty & Ghostpp7, thank you. It has a Medium difficulty with a rating of 4.9 out of 10. I think it’s somewhat between easy & medium. Kali Linux is used to carry out the enumeration, exploitation and privilege escalation. The goal is […]
Typically in AWS environment, we use CodePipeline as the orchestrator to build, test and deploy our application/service. But in some scenario such as deploying static websites, we may just need to achieve simple continuous deployment. In these cases, we don’t need the full blown deployment pipeline for staging and approval process. We can simply use […]
Mirai is a retired vulnerable machine available from HackTheBox. The machine maker is Arrexel, thank you. It is a pretty easy machine with a difficulty rating of 3.7 out of 10. No automated tools are required to solve the machine. Kali Linux is used to carry out the enumeration, exploitation and privilege escalation. The goal […]
Next.js is the React Framework that helps deploying a static website or dynamic website with server side rendering. This post will illustrates how to host a simple React application on AWS S3 using Next.js framework. Node.js is required. Setup Next.js project npm init next-app This command will ask couple simple questions including project name & […]
AWS File gateway, running as a VM server locally, can act as a NFS or SMB file share to actually store your files at AWS S3. Your on-premise machines can then connect and mount the file share to access data stored at S3 as if they are available locally. This can be a great first […]
The post looks at some options moving forward for developing applications using React/Angular/Vue with ASP.NET Core. Each option has it’s own advantage and short comings depending on the application requirements. SpaServices & NodeServices going away SpaServices and NodeServices become deprecated, starting at .NET Core 3.1. And they will be removed when .NET 5 arrives. .NET […]
Exploitation Summary Initial Exploitation Vulnerability: SQL Injection vulnerability of CMS Made Easy Explanation: CMS Made Easy version 2.2.9.1 has a SQL Injection vulnerability that results in exposure to login id and password hash Privilege Escalation Vulnerability: Hijack Command Execution by Path Interception Explanation: A writable bin folder exists in the execution search PATH and is […]
Buff is a retired vulnerable Windows machine available from HackTheBox. The machine maker is egotisticalSW, thank you. It has an Easy difficulty with a rating of 3.6 out of 10. Kali Linux is used to carry out the enumeration, exploitation and privilege escalation. The goal is to obtain root shell together with both user & […]
I have a AMD Ryzen 7 3700X build with Asus TUF Gaming X570-Plus motherboard. To improve security of the system, I decided to perform full disk encryption on Windows 10. There are 2 methods Windows 10 offers: Device Encryption and BitLocker Encryption. Device Encryption Device encryption may or may not be available on your system […]
Tabby is a retired vulnerable Linux machine available from HackTheBox. The machine makers are egre55, thank you. It has an Easy difficulty with a rating of 4.8 out of 10. This is a nice box. I enjoy it and learn something new. Kali Linux is used to carry out the enumeration, exploitation and privilege escalation. […]
Blunder is a retired vulnerable Linux machine available from HackTheBox. The machine maker is egotisticalSW, thank you. It has an Easy difficulty with a rating of 4.1 out of 10. Kali Linux is used to carry out the enumeration, exploitation and privilege escalation. No automated tools are needed. The goal is to obtain root shell […]
Cache is a retired vulnerable Linux machine available from HackTheBox. The machine maker is ASHacker, thank you. It has an Medium difficulty with a rating of 5 out of 10. Kali Linux is used to carry out the enumeration, exploitation and privilege escalation. The goal is to obtain root shell together with both user & […]
Admirer is a retired vulnerable Linux machine available from HackTheBox. The machine makers are polarbearer & GibParadox, thank you. It has an Easy difficulty with a rating of 5.3 out of 10. This is a great box. I really enjoy it. Kali Linux is used to carry out the enumeration, exploitation and privilege escalation. The […]
Curling is a retired vulnerable Linux machine available from HackTheBox. The machine maker is L4mpje, thank you. It has an Easy difficulty with a rating of 4.4 out of 10. Kali Linux is used to carry out the enumeration, exploitation and privilege escalation. The goal is to obtain root shell together with both user & […]
I was looking for a way to pass through GPU acceleration to virtual machines for some processing tasks. However, most methods (such as DDA or VMware ESXi) requires specific server hardware, server hypervisor OS, support CPU & motherboard firmware. Sadly, I don’t have matching specification to use those methods. Then I come across RemoteFX. While […]
Remote is a retired vulnerable Windows machine available from HackTheBox. The machine maker is mrb3n, thank you. It has an Easy difficulty with a rating of 4.7 out of 10. Kali Linux is used to carry out the enumeration, exploitation and privilege escalation. No automated tools are needed. The goal is to obtain root shell […]
My build: Ryzen 7 3700X Build with Asus TUF Gaming X570-Plus While the RGB lights in my PC build add beautiful lighting effects to the computer, there are time and situation when you don’t want those flashy RGB lights. In my case, my PC build is used as a work machine, not a gaming machine. […]
Jarvis is a retired vulnerable machine available from HackTheBox. The machine maker is manulqwerty & Ghostpp7, thank you. It has a Medium difficulty with a rating of 4.9 out of 10. I think it’s somewhat between easy & medium. Kali Linux is used to carry out the enumeration, exploitation and privilege escalation. The goal is […]
Typically in AWS environment, we use CodePipeline as the orchestrator to build, test and deploy our application/service. But in some scenario such as deploying static websites, we may just need to achieve simple continuous deployment. In these cases, we don’t need the full blown deployment pipeline for staging and approval process. We can simply use […]
Mirai is a retired vulnerable machine available from HackTheBox. The machine maker is Arrexel, thank you. It is a pretty easy machine with a difficulty rating of 3.7 out of 10. No automated tools are required to solve the machine. Kali Linux is used to carry out the enumeration, exploitation and privilege escalation. The goal […]
Next.js is the React Framework that helps deploying a static website or dynamic website with server side rendering. This post will illustrates how to host a simple React application on AWS S3 using Next.js framework. Node.js is required. Setup Next.js project npm init next-app This command will ask couple simple questions including project name & […]
AWS File gateway, running as a VM server locally, can act as a NFS or SMB file share to actually store your files at AWS S3. Your on-premise machines can then connect and mount the file share to access data stored at S3 as if they are available locally. This can be a great first […]
Exploitation Summary Initial Exploitation Vulnerability: SQL Injection vulnerability of CMS Made Easy Explanation: CMS Made Easy version 2.2.9.1 has a SQL Injection vulnerability that results in exposure to login id and password hash Privilege Escalation Vulnerability: Hijack Command Execution by Path Interception Explanation: A writable bin folder exists in the execution search PATH and is […]